The Silexbot malware is compromising IoT devices and destroying their file systems and rebooting them, in an apparent attempt to stop botnet controllers from owning them.
The “general availability” of Google’s Public DNS-over-HTTPS service brings us closer to a world where all online communications, including DNS requesoverare encrypted by default.
Dennis Fisher speaks with Michael Coates of Altitude Networks about his security philosophy and the challenge of protecting hundreds of millions of users at Mozilla and Twitter.
As chip-based payment cards become the norm, criminals are shifting tactics to use shimmers rather than skimmers to steal money from automated teller machines, Flashpoint said.
At AWS re:Inforce, Amazon introduced two new security tools--Control Tower and Security Hub--to help ease the process of securely configuring AWS environments.
The DASHBOARD Act, introduced in the Senate Monday, would require social media companies to tell people what the economic value of their personal data is.
The United States Department of Homeland Security warned that Iranian nation-state attackers could lob malware capable of wiping hard drives and physically destroying machines against U.S. targets as the two countries remain locked in a political game of one-upmanship.
Dell has fixed a serious bug in the SupportAssist utility that is preinstalled on millions of PCs and could give an attacker control of a target machine.
A new vulnerability in Firefox has been used in targeted attacks, one of which has delivered the Netwire OS X malware.
Phishing is a numbers game—and the longer a kit remains hidden and active, the longer the attack can run and net more victims. The developers behind popular phishing kits are adopting best practices from the business world to streamline operations and make money.
The domain control validation process relies on protocols and systems that are susceptible to compromise, so Cloudflare is hoping to fix that with a new service that validates certificates from multiple points.
MongoDB engineers spent the last two years developing field-level encryption, a scheme that would reduce the damage after a data breach.
Cloudflare and several other members have formed the League of Entropy to offer a quorum of public randomness beacons.
It took only a few days for a Linux worm to start exploiting the vulnerability in the Exim mail transfer agent. Microsoft said some Azure customers have already been affected.
A newly discovered version of the Echobot malware, which is tied to the Mirai botnet, contains eight new exploits and targets enterprise applications as well as consumer devices.